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REMARKS 

Claims 10-28 stand rejected under 35 U.S.C § 101 as being directed toward non- 
statutory subject matter. Claims 1-28 stand rejected for obviousness under 35 U.S.C § 
103(a) as being unpatentable over Dunn et ah, (U.S. Patent No, 7,428,750) (hereafter 
"Dunn") in view of Bussler et al., (U.S. Pat. No. 7,072,898) (hereafter "Bussler"). 
Applicants presently amend the claims and the specification to cure the rejections under 
35 U.S.C. § 101 . As will be shown below, moreover, neither Dunn nor Bussler, either 
alone or in combination, teaches or suggests a method, system, or computer program 
product for cross domain security information conversion as claimed in the present 
application, Claims 1-28 are therefore patentable and should be allowed. Applicants 
respectfully request reconsideration of claims 1-28. 

Claim Amendments 

Applicants presently amend claim 1 of the present application to include "wherein the 
canonical format is a data format for security information that is standardized for user in 
data transformations of security information", as supported in the Specification, for 
example, at page 7, line 4-10. Applicants presently amend claims 19-25, and 27-28 of the 
present application to recite a recordable computer-readable medium. Applicants submit 
that these amendments do not introduce new subject matter into the present application. 

Claim Rejections - 35 U.S.C § 101 

Claims 10-28 stand rejected under 35 U.S.C § 101 as being directed to non-statutory 
subject matter. The Office Action at page 5, states: 

Claims 10-28 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. These claims do not 
restrict the claimed invention to statutory classes of invention. Rather, the 
specification defines computer program products embodied on a recording 
medium to encompass transmission media. (See Specification, pg. 6, line 
22) Hence, these claims are limited to statutory subject matter. 
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That is, the Office Action takes the position that Applicants 1 usage of the term 'recording 
medium* in claims 19-28 renders Applicants* claims outside realm of statutory subject 
matter because 'recording medium* encompasses 'transmission medium.* In response, 
Applicants have amended the Specification remove the reference to 'transmission 
medium*. The relevant portion of the Specification, as amended, reads as follows: 

Hie invention also may be embodied in a computer program product, such 
as a diskette or other recording medium, for use with any suitable data 
processing system. Embodiments of a computer program product may be 
implemented by use of any recording medium for machine-readable 
information, including magnetic media, optical media, transmission 
m e dio, - or other suitable media. 

That is, the Specification as presently amended no longer defines a recording medium to 
encompass a transmission medium. 

Applicants also amend Claim 1 9 in this Response to add to claim 1 9 die limitation that 
the the computer program product is embodied on a recordable computer-readable 
medium, thereby further clarifying that the claims in this case can no longer be read to 
include a transmission medium. Claim 19, and claims 20-28 which depend from claim 
1 9, are therefore statutory. 

In paragraph 7 of the Office Action, the examiner recites a rejection of claims 10-29 
under 35 U.S.C. § 101, apparently including claims 10-18 in the § 101 along with claims 
19-28. Applicants have cured the rejections of claims 19-28 by amendment as noted 
above. Regarding the apparent rejection of claims 10-18, Applicants respectfully submit 
that the rejection appears to have been a clerical error in which the examiner actually 
intended to refer only to claims 19-28 and typed 10-28 by mistake. Applicants further 
note that in fact claims 10-18 are directed to apparatus, that is, to a system for cross 
domain security information conversion, not a computer program product, and are 
therefore entirely statutory. Applications respectfully request that the rejection of claims 
10-28 under 35 U.S.C § 101 be withdrawn. 
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Claim Rejections - 35 U^C* § 103 

Claims 1-28 stand rejected under 35 U.S.C § 103(a) as unpatentable over Dunn in view 
of Bussler. The question whether Applicants 9 claims are obvious is examined in light of: 
(1) the scope and content of the prior art; (2) the differences between the claimed 
invention and the prior art; (3) the level of ordinary skill in the art; and (4) any relevant 
secondary considerations, including commercial success, long felt but unsolved needs, 
and failure of others. KSRInt'lCo. u Telejlexlnc, 127SXX 1727, 1729-1730, 82 USPQ 
1 385 (2007). Although Applicants recognize that such an inquiry is an expansive and 
flexible one, the Office Action must nevertheless demonstrate a prima facie case of 
obviousness to reject Applicants 1 claims for obviousness under 35 U.S.C. § 103(a). In re 
Khan, 441 E3d 977, 985-86 (Fed. Cm 2006). To establish a prima facie case of 
obviousness, the proposed combination of Dunn and Bussler must teach or suggest all of 
Applicants' claim limitations. MPEP 2 1 42 (citing In re Royka, 490 F.2d 98 1 , 985, 1 80 
USPQ 580, 583 (CCPA 1974)). As shown below in more detail, the proposed 
combination of Dunn and Bussler cannot establish a prima facie case of obviousness 
because the proposed combination does not teach or suggest each and every element of 
the claims of the present application. As such, Applicants respectfully traverse each 
rejection individually. 

The Combination of Dunn And Bussler Neither Teaches Nor Suggests 
Returning To The System Entity The Security Information 
In The Native Format Of The Second Security Domain 

The Office Action takes the position that Dunn at column 19, lines 32-35, and at FIG. 4, 
reference number 416, discloses the following element of claim 1 : returning to the 
system entity the security information in the native format of the second security domain. 
Applicants respectfully note in response, however, that what Dunn in fact discloses at 
column 19, lines 32-35, is: 
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7. The identity broker 206 finds that userA@pageB.net is linked to 
userA@pageA.net and is associated with the financial web site. 

8. The identity broker 206 sends a request to the authentication system to 
validate userA@pageB.net and receives an authentication ticket from the 
authentication system. 

And regarding FIG 4, reference number 416, here is how Dunn, in the Dunn reference 
itself at column 11, lines 3-28, describes what is found at FIG 4, reference number 41 6: 



Referring next to FIG. 4, an exemplary flow chart illustrates identity 
brokering after the user has registered at least two identities with the 
identity broker 206. The user navigates to the target service 204 from a 
previous site at 402 and is authenticated at 404, 406 if necessary. In a 
simple case, if the user identity presented to the target service 204 is 
recognized by the target service 204 at 408 and an authenticated identity is 
not required when returning to the previous site at 410, the identity broker 
206 is not invoked and the user task is completed at 412. However, if an 
authenticated identity is required when returning to the previous site and 
the identity broker 206 was used at 414, the identity broker 206 
repackages the user identity to include credential information at 416 and 
the user task is completed at 412. If the user identity presented to the 
target service 204 is not recognized by the target service 204, the identity 
broker 206 operates to deliver an appropriate identity to the target service 
204 at 420 in response to a request from the target service 204 at 418. If 
no appropriate identity exists in the user identity database 216, the identity 
broker 206 interacts with the target service 204 to register a new user 
identity for the user at 422. Registering a new user identity may include 
adding a new credential. After registering new user identity information, 
operation continues by determining if an authenticated identity is required 
when returning to the previous site at 41 0. 

That is, Dunn at these reference points teaches an identity broker that authenticates a 
second identity registered by a user with the identity broker if a target service requires the 
second identity but the user is logged in with a first identity registered with the identity 
broker. Dunn teaches that if the user does noit have the second identity registered with the 
identity broker, requesting the user to complete a registration for the second identity. 

The independent claims of the present application, however, recite not one word 
regarding authentication of a second identity or registration of a second identity. The 



13 



AUS920040010US1 



independent claims, claims 1, 10, and 19, of the present application recite translation of 
security information to a native format of a second security domain with no concern 
whatsoever regarding whether that information is then useful for authentication in a 
second domain or whether that security information even exists in the second domain. 
Whether the system entity of the present claims uses the transformed security Information 
for authentication in the second domain or whether the system entity is eventually 
required by the second domain to effect some additional registration is of no concern 
whatsoever to the invention recited in the independent claims of the present case. 

Dunn's identity broker does not teach or suggest returning to the system entity the 
security information in the native format of the second security domain as claimed in the 
present application, that is, returning the same security information transformed into a 
format required by the second domain. Turning to Bussler, even if Bussler taught 
something about security, which it does not, nevertheless, there is nothing in Bussler that 
when combined with Dunn would teach or suggest returning to the system entity the 
security information in the native format of the second security domain* Note in 
particular that there is no returning function in Bussler in any way similar to or 
suggestive of returning to the system entity the security information in the native format 
of the second security domain as claimed here. On the contrary, the processing disclosed 
in Bussler takes the transformed data in one direction only, from source-side native phase 
to source-side application phase, from source-side application phase to common view 
phase, from common view phase to target-side application phase, and so on. But there is 
no teaching or suggestion in Bussler of any return from the target side to the source side. 
The proposed combination of Dunn and Bussler, not teaching or suggesting the returning 
of security information in native format of a second security domain as claimed here, 
cannot be said to teach or suggest all the elements and limitations of the claims of the 
present application. The Office Action therefore cannot establish a prima facie case of 
obviousness by use of the proposed combination of Dunn and Bussler. The rejections of 
claims 1-28 should be withdrawn, and the claims should be allowed. 
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Bussler Teaches Away From Cross Domain Security Information 
Conversion As Claimed In The Present Application 

Bussler actually teaches away from cross domain security information conversion, as 
claimed in the present application. Teaching away from the claims is a per se 
demonstration of lack of prima facie obviousness. In re Dow Chemical Co., 837 F.2d 
469, 5 U.S,P,Q.2d 1529 (Fed, Cir. 1988); In re Fine, 837 F.2d 1071, 5 U.S.P.Q.2d 1596 
(Fed Cir. 1988); In re Neilson, 816 F.2d 1567, 2 U.S,P.Q.2d 1525 (Fed, Cir. 1987). The 
present application claims returning to the system entity the security information in the 
native format of the second security domain. The whole point of the claims of the 
present application is that the invention as claimed solves the problem that a data 
processing entity needs security information formatted in both the native formats of two 
security domains, that is, two different data formats needed by the same data processing 
entity. There is no parallel between Bussler's processing phases and the native formats of 
two different security domains as claimed in the present invention. The fact that Bussler 
discloses processing phases for data format conversion does not teach or suggest 
transforming formats and then returning the second format to the same entity for use in 
the second domain as claimed here. In fact, it is clear that once transformed for use in the 
target-side native phase, Bussler's only teaching is that the transformed data is used by 
the target application alone, never returned in any way for any use whatsoever by the 
source application, thereby teaching directly away from such a return as claimed here. 
Because Bussler teaches away from the claimed returning step in the present application, 
the proposed combination of Dunn and Bussler cannot support a prima facie case of 
obviousness. 

There Is No Rational Underpinning For The 
Combination Of Dunn With Bussler 
As Proposed In Hie Office Action 

The Office Action takes the position at page 6, paragraph 1 2, that the motivation to 
combine Dunn with Bussler is to disburse the integration of the several participants of the 
communication, thereby reducing the complexity of the conversion, as found in Bussler 
at column 2, lines 30-36. Applicants respectfully note in response, however, that the 
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cited teaching in Bussler provides no motivation to combine the method for exchanging 
communications between heterogeneous applications Caught in Bussler with the method 
for managing multiple identities taught in Dunn to achieve the claimed invention. 
Rejections on obviousness grounds cannot be sustained by mere conclusory statements; 
instead, there must be some articulated reasoning with some rational underpinning to 
support the legal conclusion of obviousness- In re Kahn, 441 R 3d 977, 998 (Fed. Cir. 
2006), cited with approval in KSR v. Teleflex, 550 U.S. 398 (2007), 

In the present case, no rational underpinning for the combination of Dunn with Bussler 
can possibly exist because the references disclose nothing that can rationally be 
combined. There is nothing in the references which when combined will result in 
security data processing as claimed here with one entity utilizing security data in native 
formats of two different domains. Dunn seems to have something to do with security but 
teaches nothing about data conversion. Bussler seems to have something to do with data 
conversion but teaches nothing about security. And neither reference, separately or in 
combination, teaches or suggests the return of a second native format to a processing 
entity putting two different native formats in possession of that entity. On the contrary, 
because Bussler teaches away from such joint use of two native formats and Dunn 
teaches nothing on the subject whatsoever, the combination of the two references simply 
would never result in the joint processing as claimed here. And with no overlap at all in 
the subject matter of the two references, no data conversion in Dunn, no security 
processing in Bussler, no rational inventor would ever be expected to turn to these two 
references in combination to find the joint security-related processing of two different 
native formats as claimed here. 

Applicants further submit that the failure in this Office Action to set forth a rational 
underpinning for the combination of references or any motivation to combine the 
references is strong evidence of the use of hindsight in obviousness analysis. The Court 
of Appeals for the Federal Circuit recently affirmed the usefulness of the TSM test in 
obvious analysis, that is, teaching, suggestion, motivation. Ortho-McNeil v. Mylan, Slip 
Opinion, Case No. 1223 (Fed. Cir. 2007). Applicants respectfully submit that KSR's 
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injunction to examiners to expressly set forth a rational underpinning to propose a 
combination of references is legal reasoning parallel to the motivation element of the 
TSM test, "As this court has explained, however, a flexible TSM test remains the 
primary guarantor against a non-statutory hindsight analysis ..." Ortho-McNeil v. 
Mylan, Id, citing with approval In re Tramhgic Tech, Inc., 504 F3d 1249, 1257 (Fed. 
Cir. 2007). In this case, hindsight analysis is composed of the taking of two unrelated 
references that no inventor would ever combine and labeling an invention obvious merely 
because claim elements can be found by arbitrarily picking and choosing among the 
references with no real reason to do so. In fairness to the examiner in this case, 
Applicants note that it is literally impossible to express any rational underpinning or 
motiviation for the combination - the references are just too different So Applicants are 
forced, with all due respect, to the conclusion of hindsight, because, given the 
relationship between the claims and the cited references, hindsight is the only possible 
way the examiner could have made the combination. There is just no basis other than 
hindsight for the combination in this case. 

Relations Among Claims 

Independent claims 10 and 19 recite respectively system and computer program product 
aspects of the method of claim 1 . As explained above in delail, the combination of Dunn 
and Bussler does not render claim 1 obvious. For the same reasons that the combination 
of Dunn and Bussler does not render obvious claim 1, the combination of Dunn and 
Bussler also does not render obvious a system or a computer program product for cross 
domain security information conversion corresponding to independent claims 1 0 and 19. 
Independent claims 10 and 19 are therefore patentable and should be allowed. 

Dependent Claims 2-9, 11-18, and 20-28 depend from independent claims 1, 10, and 19. 
Each dependent claim includes all of the limitations of the independent claim from which 
it depends. Because the combination of Dunn and Bussler does not render obvious the 
independent claims, the combination of Dunn and Bussler also does not render obvious 
the dependent claims of the present application, which are further limitations of the 
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independent claims. As such, claims 2-9, 1 1 - 1 8 3 and 20-28 are also patentable and 
should be allowed. 



The Office Action rejects claims 10-28 under 35 U.S.C. § 1 01 as being directed to non- 
statutory subject matter. As explained above, Applicants' claims 10-28 as presently 
amended are directed toward statutory subject matter entitled to patent protection under 
35 U.S.C. § 101. Applicants therefore respectfuHy request reconsideration of claims 10- 
28. 

Claims 1-28 stand rejected under 35 U.S.C. § 103 as being unpatentable over Dunn in 
view of Bussler. As explained above, the combination of Dunn and Bussler does not 
render obvious Applicants' claims. Claims 1 - 28 are therefore patentable and should be 
allowed. Applicants respectfully request reconsideration of claims; I -28. 

The Commissioner is hereby authorized to charge or credit Deposit Account No. 09-0447 
for any fees required or overpaid. 



Conclusion 



Respectfully submitted, 
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